With the continuing development and use of mobile technology, more and more features are being integrated into mobile devices. For example, global positioning system (GPS) applications, mobile office products, messaging systems, video cameras, and even compass functionalities have been incorporated into mobile devices, which has led to their widespread adoption in both business and personal contexts.
To further utilize mobile technology to better cater to a user's daily needs, some attempts have been made to utilize technology enabled by mobile devices to replace conventional physical wallets. For example, one way to provide mobile wallet functionality has been realized by provisioning a card issuer's account information directly onto a secure element (SE) of a mobile device that may be equipped with Near Field Communication (NFC) chipset. A SE may be a smart card chip that is capable of storing multiple applications and/or account specific information that may not be easily accessed by external parties. NFC technology is commonly used for contactless short-range communications based on radio frequency identification (RFID) standards using magnetic field induction to enable communication between electronic devices. This short-range high frequency wireless communications technology allows devices to exchange data over a short distance (e.g., a few centimeters). Such mobile devices may thus use a mobile wallet application that, like a conventional physical wallet, may “contain” payment cards (e.g., credit cards, debit cards, prepaid cards), member cards, transportation cards, loyalty cards, etc.
To this end, user credentials (e.g., financial credentials such as a Primary Account Number (PAN) of an account, an expiry date, etc. or personal credentials such as name, address, date of birth, employment information, title, etc.) may be provisioned onto mobile devices. Once these credentials have been provisioned onto the mobile device, an NFC-enabled device may transact with (e.g., transfer information, make payments to) another NFC-enabled device by placing the devices near each other. Additionally, mobile devices with provisioned credentials may also be used to perform transactions with other remote systems (e.g., such as a website of a merchant) using other wireless protocols, such as via a cellular or wireless (e.g., IEEE 802.11) network.
Although the benefits from integrating wallet functionality into mobile devices are significant and still being developed, the prevailing technology still lacks effective and safe processes and means to securely and efficiently provision credentials to user devices.
One major concern in provisioning credentials to user devices is whether the payment account that is being provisioned on the device belongs to the rightful owner of the device. This may happen when an unauthorized person tries to provision a payment card on his/her device. The payment card may have been reported stolen or may have been given to the person by the rightful owner for other purposes, e.g. for payment at a merchant location.
Embodiments of the invention address these and other problems, individually and collectively.